Methods and systems for authenticating one or more users of a vehicle communications and information system

ABSTRACT

In at least one embodiment, a system for authorizing use of a vehicle communication and information system may include one or more data processors configured to receive information associating one or more devices with a vehicle computer. The data processor(s) may be also configured to receive information identifying a user requesting authorization to command the vehicle controls from the one or more devices associated with the vehicle computer. The user(s) may be authorized to command the vehicle controls from the one or more devices associated with the vehicle computer based on performing an authentication process for authenticating the user, determining that the user is an authenticated user based on the authentication process, and enabling command of one or more vehicle controls from the one or more remote devices via the associated vehicle computer based on the user being authenticated.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application is a continuation of U.S. application Ser. No. 13/078,345 filed Apr. 1, 2011, now pending, the disclosure of which is incorporated in its entirety by reference herein.

TECHNICAL FIELD

Various embodiments relate to an authentication process for authenticating one or more user of a vehicle communication and information system. In some embodiments, one or more vehicle users may be authenticated before operating one or more vehicle controls from a device remote from a vehicle.

BACKGROUND

For a variety of reasons including, but not limited to, identification, security, and safety, a vehicle owner or user may be authenticated as an authorized user of a vehicle communications and information computing system before the system can be used by the vehicle owner. Typically, this authentication may occur prior to first use of the vehicle and/or vehicle communications and information system. The authentication may occur at a dealership by a dealer or dealer representative. Additionally or alternatively, the authorization process may occur through a telephone call, or other communication, to the automotive OEM (or an entity associated with the automotive OEM responsible for handling such calls) by the dealer, the vehicle owner, or other authorized person.

SUMMARY

One aspect is a system for authorizing use of a vehicle communication and information system. The system includes one or more data processors. The data processor(s) may be configured to receive information associating one or more devices remote from a vehicle with a vehicle computer. Further, the data processor(s) may be configured to receive information identifying a user. The user may request authorization to command one or more vehicle controls from the one or more devices which are associated with the vehicle computer. The data processor(s) may be further configured to authorize the user to command one or more vehicle controls from the one or more devices associated with the vehicle computer.

Authorizing the user(s) may include performing an authentication process for authenticating the user. Further, it may be determined that the user is an authenticated user based on the authentication process. Based on the user being authenticated, the command of one or more vehicle controls from the one or more remote devices via the associated vehicle computer may be authorized.

In some embodiments, the authentication process may include receiving one or more inputs for authentication and authenticating the user based on the one or more inputs for authentication. The one or more inputs may be one or more authentication items including, but not limited to, one or more touch-based inputs, information from one or more vehicle key transponders, one or more voice commands, one or more codes, one or more patterns of maneuvers, or at least one question and answer process.

In some embodiments, the inputs for authentication may be received in the vehicle.

Another aspect is a computer-implemented method for authorizing use of the vehicle communication and information system. The method may include receiving information at one or more data processors indicating that a vehicle communications and information system (VCIS) is associated with one or more command devices from which one or more users command the VCIS. The method may also include authorizing at the data processor(s) the one or more users to command the VCIS from the one or more associated command devices.

The authorizing may include receiving information identifying one or more authenticating devices associated with the one or more users. Further, an authentication process may be performed using the identified authenticating devices to authenticate the one or more users. If the user(s) are authenticated based on the authentication process, the user(s) may command the VCIS from the one or more associated command devices.

In some embodiments, the authentication process may include initiating a timer to measure a time period during which the one or more users are authenticated using the identified authenticating devices. The one or more users may command the VCIS from the one or more associated command devices if authenticated during the time period.

In some embodiments, the authentication process may include counting a number of authentication attempts during the time period. If the number of attempts is exceeded, the user(s) may not be authenticated.

Another aspect is a method comprising receiving information at a computer associating one or more devices (e.g., a nomadic device or a personal computer) for commanding vehicle controls with a vehicle. Further, the method may include receiving information at the computer identifying a user who may request authorization to command vehicle controls from the devices. The method may also include authorizing the command(s) from the devices.

The authorizing may include performing an authentication process to authenticate the user(s). If the user(s) are authenticated based on the process, the user(s) may command the vehicle controls from the devices.

In some embodiment, the authentication process may include receiving one or more inputs for authentication and authenticating the user(s) based on the one or more inputs for authentication.

The one or more inputs for authentication may be one or more authentication items. These authentication items may include, but are not limited to, one or more touch-based inputs, information from one or more vehicle key transponders, one or more voice commands, one or more codes, one or more patterns of maneuvers, or at least one question and answer process.

In some embodiments, the authentication process may further include initiating a timer to measure a time period during which the one or more inputs for authentication are received. Further, the authentication process may include authenticating the user(s) based on the one or more inputs for authentication if received during the time period.

In some embodiments, the authentication process may further include counting a number of authentication attempts and authenticating the user(s) based on the one or more inputs for authentication unless the number of attempts is exceeded.

These and other aspects will be better understood in view of the attached drawings and following detailed description of the invention.

BRIEF DESCRIPTION OF THE DRAWINGS

The figures identified below are illustrative of some embodiments of the invention. The figures are not intended to be limiting of the invention recited in the appended claims. The embodiments, both as to their organization and manner of operation, together with further object and advantages thereof, may best be understood with reference to the following description, taken in connection with the accompanying drawings, in which:

FIG. 1 shows an illustrative example of a communication system through which a nomadic device can communicate with a vehicle according to one of the various embodiments;

FIGS. 2A-D show illustrative examples of vehicle-based communication devices that provide communication to a remote network according to one of the various embodiments;

FIG. 3 illustrates a process for registering a device for use with a vehicle communications and information computing system;

FIG. 4A illustrates a process for authorizing use of a vehicle communications and information computing system according to one embodiment;

FIG. 4B illustrates a process for authorizing users of the vehicle communications and information computing system according to another embodiment; and

FIG. 5 illustrates a process for providing usage information for the vehicle communications and information computing system to an authenticated user.

DETAILED DESCRIPTION

A typical authentication process for authenticating vehicle owners or users to use the vehicle's telematics system may not only be expensive for an OEM, but also inconvenient for the vehicle owner. Authentication may be performed through a human operator with access to information for authenticating the vehicle user(s). This may include, for example, access to remote systems, such as a DMV's or Secretary of State's office, to verify the identity of the vehicle owner/users. This may leave a limited time window for the user to be authenticated (e.g., due to hours of operation). Further, using human operators can be expensive for the OEM because of the added cost of employing these individuals. Therefore, using, for example (and without limitation), a nomadic device (such as a cell phone), a vehicle owner and/or user can be authenticated to use the vehicle's communication and information computing system (VCIS) without the issues that may be associated with typical authentication processes.

Detailed embodiments of the invention are disclosed herein. However, it is to be understood that the disclosed embodiments are merely exemplary of an invention that may be embodied in various and alternative forms. Therefore, specific functional details disclosed herein are not to be interpreted as limiting, but merely as a representative basis for the claims and/or as a representative basis for teaching one skilled in the art to variously employ the present invention.

Additionally, the disclosure and arrangement of the figures is non-limiting. Accordingly, the disclosure and arrangement of the figures may be modified or re-arranged to best fit a particular implementation of the various embodiments of the invention.

FIG. 1 shows an illustrative example of a communication system 100 through which a nomadic device can communicate with a vehicle 121. In this illustrative embodiment, a nomadic device (e.g., without limitation, a cellular phone) 103 is used to send a communication through a cellular network 107. This communication is relayed through a network 111 (e.g., without limitation, the cellular network, the internet, etc.) to a centralized system 101. In another embodiment, the nomadic device 103 may send a communication through network 112 which may include, but is not limited to, WiFi or WiMax. This communication is relayed through a network 106 (e.g., without limitation, the internet) to a centralized system 101.

In this illustrative embodiment, the centralized system is a server system that includes processing capability for incoming nomadic device signals designated to interact with a remote vehicle 121.

For example, the server(s) 101 may include an automated call server and/or web host. Further, the server(s) 101 may route an incoming signal from a nomadic device (ND) 103 to the appropriate remote vehicle. Data sent in this fashion may be sent using data-over-voice, a data-plan, or in any other suitable format.

Data can also be sent to the remote vehicle 121 through the server(s) 101 using a personal computer 105. In this case, the data is likely, although not necessarily, sent over the internet 109.

Once the server(s) 101 receive the incoming data request from the remote source 103, 105, the message is processed and/or relayed to a vehicle 121. The vehicle may be identified by a header associated with one or more incoming data packets, or may be identifiable based on a database lookup, for example.

The relay to the vehicle 121 is sent out from the server(s) 101 through a network (e.g., without limitation, a cellular network 113, the internet, etc.) and passed through a cellular network 115 to the vehicle 121. In another embodiment, the relay may be passed through network 114 (e.g., WiFi or WiMax) and to the vehicle 121. A remote communication module 200 in the vehicle 121 receives the signal sent from the server(s) 101 and processes it or relays it to an appropriate processing system within the vehicle 121.

In at least one illustrative embodiment, the vehicle 121 is also outfitted with a communication transceiver, such as, but not limited to, a BLUETOOTH transceiver. This transceiver may allow communication with the nomadic device 103 using a direct signal 119.

It should be understood that the communication between nomadic device 103, server 101, and vehicle 121 may be performed in a number of ways and FIG. 1 is presented for illustrative purposes. FIG. 1 illustrates various alternatives for communicating data. For example, and without limitation, data communication may be partially or entirely cellular or WiFi, or a combination of cellular and WiFi.

FIGS. 2A-D show illustrative examples of vehicle-based communication modules that provide communication to a remote network.

FIG. 2A shows an illustrative example of a communication module 200 combined with a GPS module, wherein a cellular module and GPS are on different boards.

In this illustrative embodiment, a communications module 200 can include a cellular (e.g., and without limitation, GSM or CDMA) antenna 201 that communicates with a remote server over a cellular network. The received cellular signal may be sent from the cellular antenna 201 to a multi-band cellular (e.g., and without limitation, GSM or CDMA) decoder 219 that processes the received signal to produce information usable by the microprocessor 217.

In this illustrative embodiment, the multi-band cellular chip 219, including flash memory 207 and RAM 211, is installed in the module as part of a removable device 223 including a SIM card 221. The SIM card 221 may contain user identifying information that allows access to the cellular network under a particular user's plan.

Additionally, the module includes a GPS chip 203 that can process and decode a signal from the GPS antenna 205 and send this information to a microprocessor 217.

The microprocessor is also in communication with a vehicle data bus that provides access to various vehicle modules, such as RF module 215. Other modules not shown include, but are not limited to, the vehicle cluster, a remote (off-board) GPS system, a radio module, etc. Non-limiting examples of a vehicle data bus include an SAE J1850 bus, a CAN bus, a GMLAN bus, and any other vehicle data buses known in the art. For illustration purposes only, FIGS. 2A-2D are represented as using a CAN bus.

FIG. 2B shows a second exemplary embodiment in which a cellular chip and GPS are on the same board 223. In this illustrative embodiment, the removable board (this board may also be permanently attached to the module) 223 may contain the SIM card 221, a GPS module including a GPS chip 203 and a GPS antenna 205 a, and the Multi-band cellular chip 219 including flash memory 207 and RAM 211.

In another embodiment, the GPS antenna 205 b may be attached to the module separately from this board 223. When a signal comes in from the cellular antenna 201 and/or the GPS antenna 205 b, the signal may be sent to the corresponding cellular/GPS chip 203 for processing, and then passed to the microprocessor 217. The microprocessor 217 interfaces with the CAN transceiver 213 to connect to a vehicle network 214 and vehicle modules such as RF module 215.

FIG. 2C shows yet another exemplary embodiment in which the cellular module is standalone. In this illustrative embodiment, the GPS module containing the GPS antenna 205 and the GPS chip 203 may connect to the microprocessor 217 through the CAN transceiver 213. Other vehicle modules, such as an RF module 215 can also connect to the microprocessor through the CAN transceiver 213.

In this illustrative embodiment, the removable board 223 may contain a SIM card 221 and a multi-band cellular chip 219, as well as a flash memory 207 and RAM 211. Signals from the cellular antenna 201 may be sent to the board 223 for processing by the multi-band cellular chip 219 before being sent to the microprocessor 217.

FIG. 2D shows still another exemplary embodiment in which a cellular module is combined with an RF module 215 in the communications module 200. The RF module 215 may continue to talk to the microprocessor 217 through the CAN transceiver 213. In this illustrative embodiment, the GPS module, including the GPS antenna 203 a, 203 b and GPS chip 205 a, 205 b can be located within the communications module 200 or located elsewhere in the vehicle, in which case it may communicate with the microprocessor 217 through the CAN transceiver 213.

Again, in this embodiment, the cellular antenna 201 may send a signal to the multi-band cellular 219, including flash memory 207 and RAM 211. The signal may be processed and sent to the microprocessor 217. The multi band cellular chip 219 may be located on a removable circuit board 223, which may also include a SIM card 221.

In some embodiments, input(s) may be received in the vehicle 121 through tactile and/or audible inputs. Accordingly, the module 200 may process such inputs received from one or more vehicle microphones (not shown) and one or more touch-sensitive vehicle controls (not shown) via vehicle network 214.

FIG. 3 illustrates a process for registering a user device for use with the system 100 by a vehicle user (e.g., one or more drivers and/or one or more passengers). The registration process may occur any time the system is used or trying to be used including, but not limited to, before first use and/or with every use of the system.

Use of the communications system 100 may be provided once a vehicle user is a registered user. Accordingly, a vehicle user may register one or more devices (nomadic device 103 and/or personal computer 105) to use the communications system 100 (block 300) in order to gain access to various vehicle-based services from the nomadic device 103 and/or personal computer 105. Examples of such vehicle-based services, without limitation, may include remote lock and unlock, remote start, vehicle tracking, remote control of vehicle controls (e.g., and without limitation, radio and HVAC), data download, and others.

Registration may occur from a nomadic device 103 and/or personal computer 105 using an Internet connection. In some embodiments, the vehicle user may download a software application (e.g., a mobile application) to the personal computer 105 and/or nomadic device 103. Using this application, the vehicle user may remotely operate one or more vehicle functions and/or controls via system 100. In order to download this application, the vehicle user may additionally or alternatively register for the service. Registration may occur, for example, through a website.

In some embodiments, the applications may be located and executing on a remote computing system, such as server 101 (or a different server in communication with system 100). In this case, an application programming interface (API) may be installed on the nomadic device 103 and/or personal computer 105 and/or a web-based interface may be used in order to operate the remotely executing application.

The registration process may be, but not necessarily, a single event such that the step may not occur subsequent to a first use of the system 100. During the registration process, the vehicle user may establish one or more forms of identification to identify the vehicle user. Such forms of identification may include a username and password, one or more security questions, a VIN, a mobile identification number (MIN), or a combination of such identification items. Additionally, during the registration process one or more identifiers, such as a phone number, associated with the vehicle user may be provided to identify the nomadic device 103 and/or PC 105 which serves as the primary or controlling device. Also, during the registration process, an identification associated with the module 200 (e.g., and without limitation, a VIN or Electronic Serial Number) may be provided to identify the vehicle having the vehicle controls which may be controlled via the vehicle communication system 100.

Once the user is registered, the vehicle user may login from the nomadic device 103 and/or personal computer 105 (block 302). A login may include, without limitation, inputting the vehicle user identification information created by the user during registration. The input may be one or more touch-sensitive inputs and/or one or more voice inputs. In some embodiments, the login information may be saved in memory. In this case, the vehicle user may use the vehicle-based services without inputting login information.

One or more commands for a vehicle-based service may be input and received by the personal computer 105 or nomadic device 103 (block 304). Where the nomadic device 103, personal computer 105, or the remote computing system has software application installed, this application may receive the command(s). Such commands may be input using tactile and/or audible inputs. Audible inputs may include one or more spoken commands.

Further, vehicle communication module information may be received identifying the vehicle communication module 200 (block 305). Module information may include, for example, an electronic serial number associated with the module 200. This information may be received from the vehicle user via user input. The module information may be received from the module 200 by the user after a key-on event in the vehicle. The user may input this information at the ND 103 and/or PC 105.

In some embodiments, the module information may be stored in memory at one or more of the nomadic device 103, personal computer 105, or the remote computing system during, for example, registration. In this case, the module information may be received from memory. In some embodiments, the module information may be an electronic serial number (ESN) associated with the module 200. This module information may be used to tie the user device (nomadic device 103 and/or personal computer 105) to the module 200 so that data and information may be exchanged.

Since a vehicle user may command one or more vehicle controls from a nomadic device or a personal computer, either or both devices may be registered. As represented by block 306, one or more determinations may be made relating to the type of device used by the vehicle user.

If a nomadic device 103 is used, nomadic device information may be obtained in order for the server 101 to identify the nomadic device (block 308). The nomadic device information may be input manually by a vehicle user from the nomadic device 103 or obtained automatically. Such information may include a mobile identification number (e.g., a phone number).

Additionally, one or more registration codes may be input to and received by the nomadic device 103 (block 310) which may be used by the system 100 (e.g., at server 101) to confirm (block 312) that the nomadic device 103 (and, therefore, the vehicle user) is registered (block 316). The registration code(s) may be received by a vehicle user from the OEM (via, for example, a vehicle dealer or a third-party (e.g., a telematics service provider) either through a physical exchange (e.g., in-person or in a telephone call) or from an Internet-based exchange (e.g., through an email exchange or a website). Once received, the code may be input by the vehicle user. In some embodiments, the registration code (and any associated authorization codes) may periodically change and, as such, a new registration code may be received and input by the vehicle user. The registration code(s) may include numbers, letters, characters, or a combination of numbers, letters, and characters. Additionally, the code(s) may comprise graphics and colors. In some embodiments, the registration code(s) may be input by the vehicle user and stored in memory (e.g., locally or remotely) so that, thereafter, the code is automatically obtained.

The server 101 may store a registration code which may be compared to the registration code received by the nomadic device 103 as part of the confirmation process (block 312) to register the nomadic device 103 (block 316). The confirmation process may occur at server 101. In some embodiments, the comparison may be made to confirm that the codes are the same. Alternatively, the comparison may be made of different, but complementary codes. As one non-limiting example, the registration code from the vehicle user may be “ABCD” while the registration code on the server 101 may be “1234.” Accordingly, the server 101 may receive the “ABCD” registration code and, based on the correspondence between “ABCD” and “1234,” the nomadic device may be recognized (block 316).

If the registration code is not confirmed (block 312), the registration code may be requested and, in some embodiments, the request presented at the nomadic device (block 314). The registration code may be re-entered (block 310).

Referring back to block 306, if the vehicle user is using personal computer 105, information about the personal computer 105 may be obtained in order for the server 101 to identify the personal computer 105 (block 318). Non-limiting examples of personal computer information may include an IP address, a MAC address, or other like identifier. This information may be input by the vehicle user or obtained automatically.

As with when a nomadic device 103 is used, a registration code may be input to and received by the personal computer 105 (block 320) so that the personal computer 105 is registered (block 326). If the registration code(s) is not confirmed, a request for the registration code may be transmitted to the personal computer 105 and, in some embodiments, presented at the computer 105 (block 324). Details of the confirmation process (block 322) and further details about the registration code(s) are described above. Accordingly, for purposes of brevity, these details are not herein repeated. In some embodiments, the process illustrated in FIG. 3 may be time limited. Accordingly, a timer (e.g., a clock on the nomadic device 103, the personal computer 105, or the server 101) may be used to confirm that the registration process is performed within a predetermined time.

As represented by circle block A, the authentication process may further include one or more processes at the vehicle 121. One non-limiting example of this authentication process is provided in FIG. 4.

The authentication request may be received in the vehicle 121 by the module 200 (block 400). In some embodiments, the authentication request may not be received until the registration code(s) is confirmed. In other embodiments, the authentication request may be received at any time. Accordingly, the order of the processes illustrated in FIGS. 3 and 4 is non-limiting and may be modified to best fit the particular implementations of the invention.

The one or more commands for vehicle-based services from the vehicle user may be received by the module 200 (block 402). The command(s) may be transmitted to the vehicle 121 from nomadic device 103 or personal computer 105 directly or via server 101.

The authentication sequence may be initiated in the vehicle (block 404). The module 200 may monitor for the receipt or presence of one or more authentication items (block 412). The authentication items may include, but are not limited to, one or more of the following, individually or in combination: 1 vehicle key, 2 or more vehicle keys, voice, one or more codes (e.g., numeric, alphabetic, or alphanumeric), a pattern of maneuvers, or a question and answer process. In some embodiments, the module may monitor that one or more of these authentication items are within the vehicle. As one non-limiting example, the RF module (e.g., a PEPS receiver) may monitor for the presence of at least two programmed vehicle keys. If detected, the vehicle user may be confirmed as authenticated and, further, in the vehicle.

In other alternative or additional embodiments, the module may monitor for authentication items that are received from a remote source (such as nomadic device 103 and/or personal computer 105). As one non-limiting example, the module 200 may monitor for a code (which may be different than the registration code described with respect to FIG. 3) or a pattern of maneuvers input at the nomadic device 103 or personal computer 105. The software application may receive these authentication items and transmit a confirmation (e.g., and without limitation, a confirmation flag) indicating the authentication status of the vehicle user based on the authentication item (e.g., the code or the maneuvers). The module, in turn, may monitor for the presence of this confirmation flag (block 412).

Of course, the code or maneuvers (in the non-limiting example above) may be provided in the vehicle. For example, the vehicle user may input the code using the vehicle's HMI (e.g., and without limitation, a touchscreen display, a microphone, one or more controls in the center stack, a vehicle keypad, and others). Accordingly, the monitoring may be for authentication items at least some of which may be provided in the vehicle or remote from the vehicle.

In some embodiments, the authentication sequence may be time limited. Accordingly, if the vehicle-based authentication sequence is not completed within the time period, the command(s) for vehicle-based services rejected. In this case, a timer may be initiated as part of the authentication sequence (block 406). The module 200 may use a vehicle clock, a GPS clock, a crystal oscillator, or other like timer for measuring the time. The time period may be measured in seconds, minutes, clock cycles, or variations thereof.

In the illustrative embodiment of FIG. 4, monitoring for the receipt and/or presence of the authentication items may occur if the monitored period of time has not expired (block 408). Otherwise, the authorization process may be suspended (block 410). In some embodiments, when the process is suspended, the authentication process may be restarted.

If one or more authentication items have not been received (block 414), the module 200 may continue to monitor for the authentication item(s) until the time has expired (block 408). Additionally, the time may continue to be monitored if one or more authentication items have been received, but the items are not valid or recognized (block 416). Non-limiting examples where one or more authentication items may not be recognized include, but are not limited to: one key in the vehicle where two are required, incorrect code(s), incorrect maneuver(s), voice is not recognized, and the like. Accordingly, if the time has not expired (block 420), one or more authentication items may continue to be provided (block 412) unless the number of attempts has been exceeded (block 422). The number of attempts may be predetermined by the OEM (or VCIS provider). In some embodiments, the vehicle user may get a single attempt. Once the number of attempts has been exceeded, the authorization process may be suspended (block 410). In some embodiments, the authentication process may be restarted.

It will be appreciated that the time periods 408 and 420 may comprise a single time period. For example, the receipt (block 412) and recognition (block 416) of the authentication items may occur in the same time period in order for the user to be authorized. Alternatively, the time periods 408,412 may be separate time periods measured by separate timers or resetting a timer to measure the time of receipt (block 414) or recognition (block 416) of the authentication items.

If the time has expired, the process may be suspended (block 410). In some embodiments, the authentication process may be restarted.

If one or more authentication items are recognized (block 416), the vehicle user may be authenticated and authorized to use the VCIS and the command(s) accepted (block 418). In some embodiments, recognition of the authentication item(s) may indicate that an authorized user is in the vehicle.

In some embodiments, the vehicle user may be provided with instructions for the authentication process. These instructions may be presented audibly and/or visually at the nomadic device 103, personal computer 105, and/or in the vehicle (e.g., and without limitation, at a vehicle display). These instructions may be provided as the vehicle user performs each step of the authorization process. In some embodiments, the instructions may not be provided until is apparent that the vehicle user requires assistance. As one non-limiting, non-exhaustive example, the vehicle user may be provided instructions if the number of times to input the authentication item(s) has been exceeded.

FIG. 4B illustrates another embodiment of the authentication process for authorizing system use. As illustrated in FIG. 4B, a user requesting authorization may receive module identification information (such as an ESN) which may be input at the remote device (e.g., the nomadic device 103 or PC 105) (block 401). As described above, this information may be, in some embodiments, received from the module 200 by the user, e.g., after key-on.

After such information is received by the server 101 (block 403), including user identification information, the server 101 may determine that a new account is requested based on, for example, the user information and the module 200 information.

One or more notifications may be transmitted to the authorizing user (e.g., the user already having authorization) indicating that a user has requested authorization (block 405). An authorizing user may be a vehicle dealer or a private owner of the vehicle. The user requesting authorization may be an additional user and/or a substitute user of the system.

The notification may state, as a non-limiting example, “a new remote user (name of user) has requested to be account owner—current owner is (name of current owner).” The notification may also include instructions for the authorizing user to accept or reject the request. This notification may be received on the module 200 display (e.g., and without limitation, as a pop-up notification) and/or in the vehicle as a voice notification. In additional or alternative embodiments, the notification may be received on the ND 103 and/or PC 105 as an email, a text message, instant message, web-based message, and the like (block 407).

In one embodiment, the authorization may be accepted/rejected by the requesting user (who then, if accepted, becomes the additional/substitute user). However, a notification may be received at the ND 103 and/or PC 105 notifying the current owner that authorization is being requested and/or authorization was accepted/rejected.

If the request is rejected by the authorizing user, the requesting user(s) may not be authorized to use the system. However, if accepted by the authorizing user, the requesting user(s) may be added/substituted (block 411) and the user authorized (block 413).

In some embodiments, as illustrated in FIG. 4B, multiple notifications may be sent to the authorizing user. For example, a first notification (block 405) may state that authorization is requested (as described above).

If authorization is accepted, the additional/substitute user(s) may only be permitted limited operation of the module 200. As some non-limiting, non-exhaustive examples, the additional user(s) may be restricted from GPS tracking, vehicle lock and/or unlock, and vehicle charging schedule.

Additional notification(s) may be transmitted after the first notification for granting authorization to the additional/substitute user(s). If authorization is accepted, the additional/substitute user may operate all functions of the module 200 (block 409).

In some embodiments, there may be a period of time that elapses before the additional notification(s) are transmitted. The period of time may be in seconds, minutes, hours, days, or variations thereof. The time gap may provide additional confirmation that the additional/substitute user is authorized. For example, if the period of time that elapses is 24 hours, the time gap may confirm that an owner has confirmed authorization of the additional/substitute user (after the second notification) because a non-owner may not have 24-hour access to the vehicle.

In some instances, however, a vehicle technician may have longer than 24 hour access to the vehicle. In this case, if the unscrupulous technician attempts to self-authorize access to the system (e.g., via the module 200), the vehicle owner may be notified at ND 103 and/or PC 105. The vehicle owner may have an override option which disables authorization to the system 200. Alternatively, accepting or rejecting authorization after the second notification may only be permitted from the ND 103 and/or PC 105 so that accepting/rejecting authorization is not permitted from the vehicle.

An authorized user may monitor the usage of the VCIS 100. FIG. 5 illustrates the process for informing an authorized vehicle user about system usage.

A request may be received in the vehicle or remotely from the vehicle (block 500). The request may be received from an authorized user and/or the module 200. The request may be for information for select system usage or all system usage. Accordingly, the usage information may be received according to the type of information requested (block 502) and presented to an authorized user.

Non-limiting and non-exhaustive examples of usage information that may be obtained and provided to the user are illustrated in FIG. 5. For example, if there are new nomadic device(s) 103 that are associated (e.g., paired) with the module 200 (block 504), a notification may be presented with this information to the user (block 506). The notification may also include an identification of the nomadic device (e.g., the phone number). Notifications may be provided in-vehicle (e.g., on a vehicle display or audibly from one or more speakers), as an e-mail, text message, a phone call, or other such notifications.

In some embodiments, the authorized user may indicate whether the associated nomadic device 103 is authorized (block 508) by rejecting the request (block 510) or permitting/accepting the request (block 512). In some embodiments, granting permission may not require input or instructions from the authorized user. For example, the paired nomadic device 103 may be automatically accepted based on information provided by the authorized user indicating which nomadic device(s) 103 are authorized, which may be stored at server 101.

Additionally or alternatively, the vehicle user may obtain vehicle tracking information (block 516). In this case, a tracking event for tracking the vehicle 121 may be received by the module 200 from another person (at another device) and the vehicle's position transmitted to server 101. As an example, a service technician, having access to the vehicle, may attempt to track the vehicle's location. The vehicle user may be notified of the vehicle tracking (block 506) and may permit (block 512) or deny the tracking (block 510). The process for denying or granting permission is described above and, for purposes of brevity, is not herein repeated.

Additionally or alternatively, the vehicle user may request a command history report (block 518). Commands received by the module 200 may be stored in memory at the vehicle or on the server 101. Accordingly, if a report is not requested, if any command(s) are received by the module 200, the may be stored (block 514). If the vehicle user requests a report, the report may be presented in the vehicle, at the nomadic device 103 or at the personal computer 105 (block 520).

Other non-limiting examples of notifications (not shown) may include notification(s) relating to expiration of a subscription to the service and unavailability of one or more services of the module 200.

While exemplary embodiments are illustrated and described above, it is not intended that these embodiments illustrate and describe all possibilities. Rather, the words used in the specification are words of description rather than limitation, and it is understood that various changes may be made without departing from the spirit and scope of the invention. 

1.-20. (canceled)
 21. A system comprising: a mobile-device processor configured to: receive an authentication request from a user attempting to use a substitute-user device to access a vehicle for drive-away; receive confirmation of the request, through a mobile-device interface, approving the user to access the vehicle; and transmit authentication data, usable to start the vehicle for drive-away, to the vehicle in response to receipt of the confirmation.
 22. The system of claim 21, wherein the confirmation of the request is based on a selection of an acceptance option displayed at the mobile-device interface.
 23. The system of claim 22, wherein the acceptance option enables the transmission of the authentication data to the vehicle to enable the substitute-user device to command one or more vehicle controls to a vehicle computing system.
 24. The system of claim 23, wherein the one or more vehicle controls is at least one of remote lock and unlock, remote start, remote radio selection, and remote HVAC selection.
 25. The system of claim 21, wherein the authentication data is at least one of numbers, letters, characters, and a combination of numbers, letters and characters.
 26. The system of claim 25, wherein the vehicle receives, via a vehicle computing system, the authentication data via the substitute-user device and identifies the user based on the at least one of numbers, letters, characters, and a combination of numbers, letters and characters from the substitute-user device.
 27. The system of claim 21, wherein the substitute-user device is a remote nomadic device or a personal computer.
 28. The system of claim 27, wherein the vehicle is enabled to receive a commanded vehicle control via the nomadic device based on the authentication data.
 29. A mobile device comprising: a processor configured to, in response to an authentication request identifying a remote user: transmit authentication data to a substitute-user device in response to approval received via a mobile device user interface authorizing the remote user of the substitute-user device, the authentication data usable by a vehicle to allow vehicle drive-away.
 30. The mobile device of claim 29, wherein the processor is further configured to display at the mobile device user interface an accept and reject option for the authentication request.
 31. The mobile device of claim 30, wherein the accept option enables the transmission of the authentication data to the vehicle to enable the substitute-user device to command one or more vehicle controls to a vehicle computing system.
 32. The mobile device of claim 31, wherein the one or more vehicle controls is at least one of remote lock and unlock, remote start, remote radio selection, and remote HVAC selection.
 33. The mobile device of claim 30, wherein the processor is further configured to, in response to the reject option being selected at the mobile device user interface, transmit a non-authorization message to the substitute-user device.
 34. The mobile device of claim 29, wherein the authentication data is at least one of numbers, letters, characters, and a combination of numbers, letters and characters.
 35. The mobile device of claim 29, wherein the processor is further configured to transmit the authentication data to the substitute-user device via a server.
 36. The mobile device of claim 29, wherein the vehicle is configured to receive a commanded vehicle control via the substitute-user device based on the authentication data.
 37. A system comprising: a processor configured to: receive a request from a first mobile device identifying a user attempting to access a vehicle for drive-away; relay the request to a second mobile device, pre-identified as corresponding to an authorized user for vehicle for drive-away access; and send authentication data to the first mobile device, usable to access the vehicle for drive-away, in response to receiving a confirmation receipt from the second mobile device.
 38. The system of claim 37, wherein the first mobile device is configured to transmit one or more vehicle controls to a vehicle computer based on the authentication data.
 39. The system of claim 38, wherein the authentication data is an electronic serial number associated with the vehicle.
 40. A system comprising: a processor configured to, in response to a request associated with a user attempting to access a vehicle from a first mobile device: relay the request to a pre-identified second mobile device associated with an authorized user to access the vehicle; and send authentication data to the vehicle authorizing vehicle access, in response to receiving a confirmation receipt from the second mobile device. 